Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware

2022-05-10 05:27

The Computer Emergency Response Team of Ukraine has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems.

The mass email campaign carries the subject line "Chemical attack" and contains a link to a macro-enabled Microsoft Excel file, opening which leads to computers getting infected with Jester Stealer.

Jester Stealer, which was first documented by Cyble in February 2022, comes with features to steal and transmit login credentials, cookies, and credit card information along with data from passwords managers, chat messengers, email clients, crypto wallets, and gaming apps to the attackers.

The Jester Stealer campaign coincides with another phishing attack that CERT-UA has attributed to the Russian nation-state actor tracked as APT28.

The emails, titled "??????????", masquerade as a security notification from CERT-UA and come with a RAR archive file "UkrScanner.rar" attachment that, when opened, deploys a malware called CredoMap v2.

"Unlike prior versions of this stealer malware, this one uses the HTTP protocol for data exfiltration," CERT-UA noted.

News URL

https://thehackernews.com/2022/05/ukrainian-cert-warns-citizens-of-new.html

#attack #cert #malware #ukrainian

News URL

Related news